IN THE claims: 

1 1. (Currently Amended) A method of providing access to a server inside a 

2 firewall havin g an TP address comprising the steps of: 

3 receiving at a first proxy outside the firewall a connection request from a cUent 

4 that is also outside the firewall ^.id first prox y having an IP address that is different fi-om 

5 the TP address of the firewall : 

6 sending said connection request through said firewall, over a control channel 

7 previously established by a second proxy inside said firewall; 

8 said second proxy authenticating the client; 

9 said second proxy establishing a data connection with said first proxy, through 

1 0 said firewall, through which said first proxy can forward requests of said client to said 

1 1 second proxy. 

1 2. (Original) The method of claim 1 fiirther comprising the step of receiving a 

2 requested resource at the second proxy fi-om the server inside the firewall and using the 

3 estabUshed connection between the second proxy and the client to forward the requested 

4 resource to the client. 
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3. (Original) The method of claim 2 wherein the resource is a document 



2 containing hyperlinks to other resources. 

1 4. (Original) The method of claim 3 wherein the second proxy translates the 

2 hyperlinks in the document into references directed to and interpreted by the second 

3 proxy. 

5. (Original) The method of claim 3 wherein the document is a Web page. 

6. (Previously Presented) The method of claim 1 wherein the data connection 



2 uses a secure communication protocol. 



1 

2 is SSL. 



7. (Original) The method of claim 5 wherein the secure communication protocol 



2 
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8. (Original) The method of claim 1 wherein the client is a browser and the 

2 server is a Web server. 

1 9. (Original) The method of claim 1 wherein the client is authenticated using a 

2 password mechanism. 

1 10. (Original) The method of claim 9 wherein the client is authenticated using a 

2 one-time password mechanism. 
1 1 . (Original) A method of providing a client access to a resource stored behind 

2 a firewall comprising the steps of: 

3 parsing the resource for hyperlinks to other resources behind the firewall; 

4 rewriting said hyperlinks to point to a proxy enabled to access resources behind 

5 the firewall; and 

6 transmitting the resource with the rewritten hyperlinks to the client. 

1 12. (Original) The method of claim 1 1 wherein the resource is a Web page. 

1 13. (Original) The method of claim 1 1 wherein the rewritten hyperlinks also 

2 comprise security information. 

1 14. (Previously Presented) The method of claim 1 further comprising the step of 

2 receiving at said second proxy, in response to a request for a resource from said second 

3 proxy, said requested resource from the server inside the firewall and using the 

4 established comiection between the second proxy and the client to forward the requested 

5 resource to the client. 

1 15. (Previously Presented) The method of claim 1 further comprising the step of 

2 receiving from said first proxy, at said second proxy, a request for a resource of the 



server. 
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16. (Previously Presented) The method of claim 1 wherein said connection 
request comprises a URL, the method further comprising said second proxy executing the 



3 steps of 



3 



translating said URL to a URL that corresponds to a URL of a server inside said 



4 

5 firewall; and 

6 establishing a connection with said URL 



17. (Previously Presented) The method of claim 1 wherein the client is 
authenticated via said control channel using a password mechanism. 

18. (Previously Presented) The method of claim 1 wherein said control chamiel 
is maintained by sending a command that requests a response, over said control channel, 
at intervals that insure a silence period of not more than a preselected value. 

19. (Previously Presented) The method of claim 1 wherein said control chamiel 
2 is adapted to carry a limited number of different messages. 

20. (Previously Presented) The method of claim 1 wherein said control channel 

2 is adapted to carry messages fi-om a set that consists of 

3 a message sent by said second proxy to estabUsh said control chamiel, 
a message sent by said first proxy to request establishment of said data 
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5 connection, 

6 a hailing message that expects a reply, and 

7 a reply message that acknowledges said hailing message. 



21. (Previously Presented) The method of claim 1 said step of estabUshing said 
data comiection is followed by a step of said second proxy sending a message to said first 
proxy, over said data connection, to inform said first proxy of the establishment of said 

4 data connection. 

22. (Previously Presented) The method of claim 1 wherein said control channel 

6 is maintained by periodically one of the proxies sending a command that requests a 

7 response from the other of said proxies. 
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23. (New) A method of a user at a host on an outside side of a fire wall obtaining 
web pages from a server on an inside side of said firewall comprising the steps of: 

receiving at a first proxy outside the firewall that is adapted to serve as an 
interface between servers on said inside side of said fire wall and hosts on said outside 
side of said firewall a connection request from a said user, employing a secure 
communication protocol; 

sending said connection request through said firewall, over a control channel 
previously established by a second proxy on said inside side of said firewall; 

said second proxy authenticating the user; 

said second proxy establishing a data connection with said first proxy, through 
said firewall, through which said first proxy can forward requests of said client to said 
second proxy; and 

said user obtaining web pages from said server by directing requests to IP address 
of said first proxy. 
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